bot@lemmy.smeargle.fansMB to Hacker News@lemmy.smeargle.fans · 4 months ago

OpenSSL bug exposed up to 255 bytes of server heap and existed since 2011

1

9

OpenSSL bug exposed up to 255 bytes of server heap and existed since 2011

bot@lemmy.smeargle.fansMB to Hacker News@lemmy.smeargle.fans · 4 months ago

1

jbp.io :: CVE-2024-5535: `SSL_select_next_proto` buffer overread

Chat

qprimed
link
fedilink
arrow-up
5·
4 months ago
SSL_select_next_proto` buffer overread celebrating a decade of publishing your heap over the internet

ok, if that article tagline does not grab your attention, youre dead inside.

tl;dr

current exploit unlikely, but historical exploits possible.

roll aging secrets and be cautious about the integrity of older session data.

Hacker News@lemmy.smeargle.fans

hackernews@lemmy.smeargle.fans

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !hackernews@lemmy.smeargle.fans

Community locked: only moderators can create posts. You can still comment on posts.

A mirror of Hacker News’ best submissions.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1 user / day
1 user / week
1 user / month
2.18K users / 6 months
128 local subscribers
2.17K subscribers
16.6K Posts
3.9K Comments
Modlog

mods:
bot@lemmy.smeargle.fans